<?php
session_start();
define('IN_WADMIN', true);
require_once '../include/common.php';
require_once './aconn.php';
$title="后台管理";
include ('../include/head.php');

$li=(isset( $_SESSION['w_adminname']))?'<li role="presentation"><a href="index.php">管理中心</a></li>':'<li role="presentation"><a href="index.php">后台登陆</a></li>';
echo '<div class="header">
        <ul class="nav nav-pills pull-right" role="tablist">
          <li role="presentation" class="active"><a href="../index.php">首页</a></li>
          '.$li.'
          <li role="presentation"><a href="index.php?action=logout">退出</a></li>
        </ul>
        <h3 class="text-muted" align="left">后台管理</h3>
      </div><hr>';
if(isset($_SESSION['w_adminname'])&&isset($_SESSION['w_adminid'])){
	$w_adminid=userid($_SESSION['w_adminname'],$key,$w_adminpwd);
	if($_SESSION['w_adminid']==$w_adminid){
		if($_GET['do'] == "pz"){
			if(isset($_POST['key'])&&isset($_POST['run_num'])){
			$w_name=$_POST['w_name'];
			$ad=$_POST['ad'];
			$key=$_POST['key'];
			$run_num=$_POST['run_num'];
			$tj=$_POST['tj'];
			$icp=$_POST['icp'];
			$kf=$_POST['kf'];
			$pttz=$_POST['pttz'];
			$tc=$_POST['tc'];
				$xgpz='<?php
if(!defined(\'IN_WSHUO\')) exit();
$w_name=\''.$w_name.'\';
$ad=\''.$ad.'\';
$key = \''.$key.'\';
$run_num=\''.$run_num.'\';
$tj=\''.$tj.'\';
$icp=\''.$icp.'\';
$kf=\''.$kf.'\';
$pttz=\''.$pttz.'\';
$tc=\''.$tc.'\';
?>';
				chmod("../include/data/conn.php",0777);
				file_put_contents('../include/data/conn.php', $xgpz) or die("修改出错!");
				echo "修改成功！";
			}else{
			echo '<h3 class="form-signin-heading">系统配置</h3>
		<form action="do.php?do=pz" class="form-sign" method="post">
		网站名称:<br><input type="text" class="form-control" name="w_name" value="'.$w_name.'"><br>
		宣传后缀:<br><input type="text" class="form-control" name="ad" value="'.$ad.'"><br>
		密匙key(修改将导致全站cookie失效):<br><a href="http://sq.m5i.cn/key.php">获取KEY</a><br>
		<input type="text" class="form-control" name="key" value="'.$key.'"><br>
		每次登陆数(php超时时间而定):<br><input type="text" class="form-control" name="run_num" value="'.$run_num.'"><br>
		<label for="name">底部统计代码:</label><br>
		<textarea class="form-control" name="tj" rows="3">'.$tj.'</textarea><br>
		备案信息:<br><input type="text" class="form-control" name="icp" value="'.$icp.'"><br>
		<label for="name">客服:</label><br>
		<textarea class="form-control" name="kf" rows="3">'.$kf.'</textarea><br>
		<label for="name">平台通知:</label><br>
		<textarea class="form-control" name="pttz" rows="3">'.$pttz.'</textarea><br>
		<label for="name">弹窗:</label><br>
		<textarea class="form-control" name="tc" rows="3">'.$tc.'</textarea><br>
		<input type="submit" class="btn btn-primary btn-block" name="submit" value="修改">
		</form>';
		}
		}
		
		if($_GET['do'] == "list"){
		$u_sql = "SELECT `id` FROM `w_user`";
		$u_sth = $db->query($u_sql);
		$u_num = $u_sth->rowCount();
		
		$q_sql = "SELECT `gqid` FROM `w_qq`";
		$q_sth = $db->query($q_sql);
		$q_num = $q_sth->rowCount();
		
		$gq_sql = "SELECT `gqid` FROM `w_qq` WHERE gq='1'";
		$gq_sth = $db->query($gq_sql);
		$gq_num = $gq_sth->rowCount();
		
		$dz_sql = "SELECT `gqid` FROM `w_qq` WHERE dz='1'";
		$dz_sth = $db->query($dz_sql);
		$dz_num = $dz_sth->rowCount();
		
		$pl_sql = "SELECT `gqid` FROM `w_qq` WHERE pl='1'";
		$pl_sth = $db->query($pl_sql);
		$pl_num = $pl_sth->rowCount();
		
		$s_sql = "SELECT `gqid` FROM `w_qq` WHERE shuo='1'";
		$s_sth = $db->query($s_sql);
		$s_num = $s_sth->rowCount();
		
		$usid_sql = "SELECT `gqid` FROM `w_qq` WHERE upsid='1'";
		$usid_sth = $db->query($usid_sql);
		$usid_num = $usid_sth->rowCount();
echo '<table class="table table-bordered">
	<thead>
		<tr>
			<th>名称</th>
			<th>数量</th>
		</tr>
	</thead>
	<tbody>
		<tr>
			<td><span class="label label-info">用户</span></td>
			<td><a href=""><span class="label label-danger">'.$u_num.'</span></a></td>
		</tr>
		<tr>
			<td><span class="label label-info">总Q数</span></td>
			<td><a href=""><span class="label label-danger">'.$q_num.'</span></a></td>
		</tr>
		<tr>
			<td><span class="label label-info">挂Q服务</span></td>
			<td><a href=""><span class="label label-danger">'.$gq_num.'</span></a></td>
		</tr>
		<tr>
			<td><span class="label label-info">点赞服务</span></td>
			<td><a href=""><span class="label label-danger">'.$dz_num.'</span></a></td>
		</tr>
		<tr>
			<td><span class="label label-info">评论服务</span></td>
			<td><a href=""><span class="label label-danger">'.$pl_num.'</span></a></td>
		</tr>
		<tr>
			<td><span class="label label-info">说说服务</span></td>
			<td><a href=""><span class="label label-danger">'.$s_num.'</span></a></td>
		</tr>
		<tr>
			<td><span class="label label-info">自动SID</span></td>
			<td><a href=""><span class="label label-danger">'.$usid_num.'</span></a></td>
		</tr>
	</tbody>
	</table>
';
	
		}
		
		
		if($_GET['do'] == "index"){
		include ('../include/index_js.php');
			if(isset($_POST['i1'])&&isset($_POST['i2'])){
			$i1=$_POST['i1'];
			$i2=$_POST['i2'];
			$i3=$_POST['i3'];
			$i4=$_POST['i4'];
				$xgpz='<?php
$index1=\''.$i1.'\';
$index2=\''.$i2.'\';
$index3=\''.$i3.'\';
$index4=\''.$i4.'\';
';
				file_put_contents('../include/index_js.php', $xgpz) or die("修改出错!");
				echo "修改成功！";
			}else{
			echo '<h3 class="form-signin-heading">首页介绍修改</h3>
		<form action="do.php?do=index" class="form-sign" method="post">
		<label for="name">一:</label><br>
		<textarea class="form-control" name="i1" rows="4">'.$index1.'</textarea><br>
		<label for="name">二:</label><br>
		<textarea class="form-control" name="i2" rows="4">'.$index2.'</textarea><br>
		<label for="name">三:</label><br>
		<textarea class="form-control" name="i3" rows="4">'.$index3.'</textarea><br>
		<label for="name">四:</label><br>
		<textarea class="form-control" name="i4" rows="4">'.$index4.'</textarea><br>
		<input type="submit" class="btn btn-primary btn-block" name="submit" value="修改">
		</form>';
		}
		}
		
		if($_GET['do'] == "pw"){
			if(isset($_POST['newpassword'])&&isset($_POST['password'])){
				$password=md5($_POST['password']);
				$newpassword=md5($_POST['newpassword']);
				$newrepass=md5($_POST['newrepass']);
				if($password!=$w_adminpwd){
					echo '原密码错误!3秒后重新修改...<br />若无法跳转请<a href="do.php?do=pw">点击这里进入</a><meta http-equiv="refresh" content="3;url=do.php?do=pw">';
				}elseif($newpassword!=$newrepass){
					echo '两次密码不一样!3秒后重新修改...<br />若无法跳转请<a href="do.php?do=pw">点击这里进入</a><meta http-equiv="refresh" content="3;url=do.php?do=pw">';
				}else{
					$name=$_POST['name'];
$xgpw='<?php
if(!defined(\'IN_WADMIN\')) exit();
$w_adminname=\''.$name.'\';
$w_adminpwd=\''.$newpassword.'\';
?>';
						file_put_contents('./aconn.php', $xgpw) or die("修改出错!");
						echo '修改成功！请重新登陆！3秒后重新修改...<br />若无法跳转请<a href="index.php">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php">';
					}
			}else{
			echo '
			 <h3 class="form-signin-heading">修改密码</h3>
			 <form action="do.php?do=pw" class="form-sign" method="post">
			 用户名:<br><input type="text" class="form-control" name="name" value="'.$w_adminname.'"><br>
			 原密码:<br><input type="text" class="form-control" name="password" value=""><br>
			 新密码:<br><input type="text" class="form-control" name="newpassword" value=""><br>
			 重复密码:<br><input type="text" class="form-control" name="newrepass" value=""><br>
			 <input type="submit" class="btn btn-primary btn-block" name="submit" value="确认修改">
			 </form>';
			}
		}
		
		if(!isset($_GET['do'])){
			echo '访问出错!<br />3秒后自动跳转...<br />若无法跳转请<a href="index.php">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php">';
		}
	}else{
		echo '身份失效请重新登陆!<br />3秒后自动跳转...<br />若无法跳转请<a href="index.php">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php">';
	}
	
}else{
	echo '身份失效请重新登陆!<br />3秒后自动跳转...<br />若无法跳转请<a href="index.php">点击这里进入</a><meta http-equiv="refresh" content="3;url=index.php">';
}

include ('../include/foot.php');